Cryptology ePrint Archive: Report 2016/670

DRE-ip: A Verifiable E-Voting Scheme without Tallying Authorities

Siamak F. Shahandashti and Feng Hao

Abstract: Nearly all verifiable e-voting schemes require trustworthy authorities to perform the tallying operations. An exception is the DRE-i system which removes this requirement by pre-computing all encrypted ballots before the election using random factors that will later cancel out and allow the public to verify the tally after the election. While the removal of tallying authorities significantly simplifies election management, the pre-computation of ballots necessitates secure ballot storage, as leakage of precomputed ballots endangers voter privacy. In this paper, we address this problem and propose DRE-ip (DRE-i with enhanced privacy). Adopting a different design strategy, DRE-ip is able to encrypt ballots in real time in such a way that the election tally can be publicly verified without decrypting the cast ballots. As a result, DRE-ip achieves end-to-end verifiability without tallying authorities, similar to DRE-i, but with a significantly stronger guarantee on voter privacy. In the event that the voting machine is fully compromised, the assurance on tallying integrity remains intact and the information leakage is limited to the minimum: only the partial tally at the time of compromise is leaked.

Category / Keywords: Verifiable E-Voting, End-to-End Verifiability, E2E, Ballot Secrecy, DRE

Original Publication (with minor differences): ESORICS 2016

Date: received 1 Jul 2016, last revised 11 Jul 2016

Contact author: siamak f s at gmail com

Available format(s): PDF | BibTeX Citation

Note: This is the full version of a paper by the same title to appear in ESORICS 2016.

Version: 20160711:171334 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]